The invention relates generally to systems employing cryptography-based security, and more particularly to systems employing cryptography based security utilizing digital signatures and key certificates.
With the increase in electronic commerce, the encryption of proprietary information and the application of electronic signatures to documents and other content is becoming more widespread. In some cryptography based systems, such as those employing public key cryptography techniques, digital signature key pairs (a private key and a public key) are used to authenticate a digital signature of a subscriber to ensure that a message sent by a subscriber actually came from the subscriber sending the message. In addition to digital signature key pairs, encryption key pairs are also generally used to encrypt the data being sent from one subscriber to another subscriber.
Certificates are generated by a manager or trusted certification authority, such as a network server, for the public keys of the private/public key pair to certify that the keys are authentic and valid. The public keys and certificates are used for two main purposes: verifying a digital signature and encrypting information. The receiver of a digitally signed e-mail or document for example, typically uses the public key in the sender's certificate to verify the digital signature of the sender. A subscriber wishing to send encrypted e-mail first encrypts the e-mail with a random symmetric key, then uses the intended receiver's public key to encrypt the symmetric key and then attaches the encrypted symmetric key to the encrypted e-mail so that the receiver can decrypt the e-mail. A subscriber unit sending a message sends the encrypted data with its digital signature along with a certificate.
The certificate has the certification authority's signature embedded as part of the certificate. A receiver validates the digital signature by looking at the received certificate. Each client stores a certification authority public key to verify that the certificate was made by the trusted certification authority.
In typical public key cryptography systems, the certification authorities are capable of revoking public key certificates if for example the user's privileges are withdrawn. The certification authority also revokes certificates if the public key of a subscriber is somehow compromised and the subscriber or security personnel notifies a certification authority that the certificate should be revoked so that subsequent receivers of the public key certificate are not fooled into thinking that the sender is the actual subscriber sending the message. For example, in the case of a stolen private key, the unscrupulous holder of the stolen private key could act as the proper user. However if the certification authority revokes the public key certificate for that subscriber, all subscribers receiving messages from the subscriber using a revoked public key certificate are notified through a certificate revocation list (CRL) listing the revoked certificate. Therefore a receiver of a message from an unscrupulous hacker can determine that the content of the message is untrustworthy. In prior art public key cryptography systems, in addition to CRLs, authority revocation lists (ARL) are also typically generated by certification authorities. The authority revocation lists indicate that a particular certification authority has been revoked so that all certificates issued from that certification authority are no longer valid.
As more and more electronic transactions are being made via electronic based networks, digital signature data and other digital data may need to be authenticated at a later date, for example in legal proceedings many years after an electronic agreement was executed. For example, if a wire transfer had been made electronically from one client to another and a dispute arises fifty years later, a mechanism is needed to ensure that the digital signature on the wire transfer was in fact authentic at the time it was sent and that the transaction was wired by authorized personnel. In addition, as technology becomes more efficient at breaking cryptographic codes, digital documents that are digitally signed at one point in time may be easy to forge ten years later which may allow an unscrupulous person to attempt to modify the terms of a contract or wire transfer.
A proposal to help ensure the integrity of electronic digital signatures and data communicated therewith, is to have a type of device that serves as an electronic notary to periodically digitally sign packages of evidence or data to authenticate the original signature on a periodic basis, such as every ten years. Electronic notarization would typically have a higher level cryptographic key, thereby making it more difficult for improper modification of the documents over time. With such a proposal, verification of the authenticity of the digital signature and/or accompanying data is done by issuing a notary token. The notary token may include the digital signature of the notarizing unit and the date and time electronic notarization occurred.
A problem arises with the proposed notary device if a user deliberately compromises their own private key. For example, if a client authorizes an electronic bank transfer and applies their digital signature to the transfer, and the next day denies having authorized the bank transfer, the transfer may have already been approved through the system since typically there is a delay in issuing a certificate revocation. Certificate revocations and postings in a CRL may take hours or days after a certification authority is notified of a compromise. Moreover, generally a user has a certain time period within which to notify a certification authority of the compromise. This time period is typically dictated by contract terms that the user agrees to when becoming a member of the network. This time period before which a user must notify a certification authority that the private key has been compromised, may also be hours or days. Hence, in conventional systems, there is typically a latency period between the time at which a security key becomes compromised and the time at which the compromise needs to be reported. During the latency, the transaction may be inadvertently approved by a receiving subscriber who is not informed of the revocation to the public key certificate in ample time. The result may be catastrophic, particularly in the case where a large sum of money is involved.
Other proposals include sending all digitally stored evidence or documents to a trusted electronic warehouse where the electronic warehouse operator stores the information and archives it with a time stamp indicating when they received it. Again, however, if an unscrupulous person wishes to modify electronic documents there is a single point of failure at the warehouse.
Consequently a need exists for a system for notarizing digital data that provides secure authentication of information that has been digitally signed by a member of the network community.